Ax Sharma reports: A bug on Ford Motor Company’s website allowed for accessing sensitive systems and obtaining proprietary data, such as customer databases, employee records, internal tickets, etc. The data exposure stemmed from a misconfigured instance of Pega Infinity customer engagement system running on Ford’s servers. Read more on BleepingComputer.
Category: U.S.
T-Mobile Investigating Claims of Massive Customer Data Breach
Joseph Cox reports: T-Mobile says it is investigating a forum post claiming to be selling a mountain of personal data. The forum post itself doesn’t mention T-Mobile, but the seller told Motherboard they have obtained data related to over 100 million people, and that the data came from T-Mobile servers. The data includes social security…
Case Files Affected in Dallas Police Department Data Loss
Claire Cardona reports: Multiple terabytes of Dallas Police Department data are missing and may be unrecoverable after being deleted during a data migration process in April, according to the Dallas County District Attorney’s Office. District Attorney John Creuzot said in a disclosure notice to defense attorneys Wednesday that the city had learned in April that…
Current and former North Carolina state employees notified of unintended exposure of file on intranet
From the no-need-to-hack-when-it’s-leaking dept., state edition, the North Carolina Department of Information Technology and Office of State Human Resources are notifying 84,860 current or former state agency employees that a file with their name and SSN was uploaded by mistake to a state intranet site accessed by more than 65,000 authenticated users: We are writing…
Data breach at US waste management firm exposes employees’ healthcare details
Emma Woollacott reports: A data breach at US waste management firm Waste Management Resources has exposed the healthcare information of current and former employees, as well as their dependents. The company says that on January 21, it discovered signs of suspicious activity. “We immediately launched an investigation, with the assistance of third-party forensic specialists, to determine…
Brooklyn Tech students uncovered a NYC schools data breach.
Pooja Salhotra reports: Teachers’ social security numbers, student academic records, and families’ home addresses are among the dozens of pieces of information a group of tech savvy high school students stumbled across on Google Drive this year. The documents — many of which contained confidential information — were leaked because of a quirk in the…